Ransomware insurance is funding cybercrime, says White House official
"This is a troubling practice that must end."
2 minutes
News
Zimbra SMTP vulnerability is being exploited in numbers
The flaw can be exploited by sending an email with a specially crafted CC field.
1 minute
Hybrid cloud environments are not safe from ransomware
A ransomware affiliate has been found compromising hybrid cloud environments.
3 minutes
Android’s Rusty new code shakes off huge number of memory-safe vulnerabilities
Google has dramatically reduced the number of serious memory safety vulnerabilities in Android by shifting to memory-safe languages.
2 minutes
North Korean IT workers—or how not to solve the IT staff shortage
North Korea has been infiltrating organizations using IT workers with fake identities.
3 minutes
Ivanti patches admin bypass for Cloud Services Appliance
Ivanti has released a security advisory for a critical vulnerability in Ivanti CSA 4.6 which is being actively exploited.
2 minutes
Windows MSHTML vulnerability actively exploited
CISA has added another MSHTML vulnerability rooted in Internet Explorer to its known exploited vulnerabilities catalog
1 minute
Microsoft might kick security vendors out of the Windows kernel
Reducing kernel-level access could undermine security vendors' ability to protect systems effectively.
1 minute
Update now! Critical CVSS 10 vulnerability in Ivanti EPM
Ivanti has released a fix for CVE-2024-29847, a deserialization of untrusted data flaw that allows remote code execution in its…
2 minutes
Update now! Four zero-days fixed in September Patch Tuesday
Microsoft’s September Patch Tuesday covers 79 Microsoft CVEs and includes four actively exploited zero-days.
2 minutes
Ransomware gangs target SonicWall vulnerability
SonicWall is urging customers affected by CVE-2024-40766 to "please apply the patch as soon as possible."
2 minutes
At last! Microsoft calls time on ActiveX in Office 2024
When Office 2024 is released next month, ActiveX controls will be off by default in client apps like Word, Excel,…
2 minutes
Patch now! Zero-day used to target ISPs and MSPs
A patch is now available for a high severity vulnerability in Versa Director that can be used to compromise ISPs,…
2 minutes
Ransomware payments on track to smash $1.1 billion record
Median payments to some strains are now $1.5 million—a 650% increase from early 2023.
1 minute
Update now! August Patch Tuesday covers several zero-days
Microsoft’s August Patch Tuesday covers 90 Microsoft CVEs and includes nine actively-exploited zero-days.
2 minutes
Patch now! Microsoft Office flaw could leak NTLM hashes
Microsoft is warning about a Microsoft Office vulnerability which an attacker could use to steal NTLM hashes.
3 minutes
Ransomware group disguises SharpRhino trojan as Angry IP Scanner
Researchers have uncovered more details of a Hunters International campaign that uses search ads to spread the SharpRhino RAT.
1 minute
Azure outage was DDoS attack made worse by failed mitigation
Microsoft says the recent outage affecting Azure and other cloud services was down to a DDoS attack and some faulty…
2 minutes
Patch now! ServiceNow vulnerabilities under active exploitation
Up to 42,000 ServiceNow systems may be at risk of compromise.
1 minute
Google Workspace flaw allowed cybercriminals to impersonate domains
Google claims it has since fixed the problem.
2 minutes
